Windows has a built-in firewall that blocks inbound connections. If a program wants to act as a server, Windows will prompt you. Some geeks don’t like the built-in firewall because it doesn’t offer the same prompts for outgoing connections.
The Windows firewall allows all programs on your computer to connect to the Internet without asking you. There’s a whole firewall industry bent on convincing average users that they need additional protection, but you really don’t.
Outbound Firewalls vs. Inbound Firewalls
The Windows firewall only shows you a single type of application-related firewall prompt. When an application wants to function as a web server — for example, if you install web server software, start using a BitTorrent client, or host a game server — you’ll see a prompt saying the application wants to function as a server. If you consent, the application can then receive incoming connections from the Internet or your local network. Of course, you’ll still have to forward ports on your router if the application doesn’t support UPnP to automatically forward the ports.
Such prompts are infrequent, so they’re easier to deal with. If an application wants to function as a server, it will prompt you — so you know you have the final say over what types of incoming connections can be established to your computer.
Outbound firewalls take this one step further. Whenever any application wants to connect to the Internet or local network, you’ll see a prompt. If you decline the connection, your firewall will prevent the application from connecting.
Why Outbound Firewalls Are Pointless For Most People
The reality is that outbound firewalls aren’t a useful security tool for the average user. Here’s why:
- Outbound firewalls just prevent applications on your computer from connecting to the Internet. If you see that a piece of malware is trying to connect to the Internet, you’ve already lost because it’s running on your computer. The malware can do a lot of damage without Internet access.
- If a malicious program were running on your computer and had access to your system, it could likely open its own holes in your firewall software. Again, once the malicious software is running on your system, you’ve already lost.
- Malware could piggyback on other programs to communicate over the Internet. For example, a piece of malware could open a special web address in your browser to ping a server, capture the page that the server sends back, and use the data. It’s difficult to completely isolate an application from the Internet.
Outbound firewalls aren’t an effective defense against malware. You should focus on using an effective antivirus program, keeping your software up-to-date, and making sure you don’t have Java installed. That will keep your PC much more secure than using an antivirus program that won’t help much after the fact. If your computer is compromised, it’s compromised.
Many geeks say that they like using an outbound firewall to block apps that aren’t malware but aren’t too trustworthy from “phoning home.” You’d only know if such an app was phoning home if you were running an outbound firewall, after all.
Ultimately, you shouldn’t be running an application you don’t trust on your computer. If you’re using an application but you don’t trust it enough to let it access the Internet, you’re likely making a mistake — you’ve already trusted the application quite a bit by giving it full access to your system. In this day and age, almost every program will be connecting to the Internet for some reason, whether it’s to sync your personal data with an online service or just check for updates online.
Windows Has Built-In Outbound Firewall Features
Outbound firewalls aren’t entirely useless. If you have a specific need and really want to prevent a specific application from connecting to the Internet, this can be useful — but most people don’t need to do this.
If you really want to block an application from connecting to the Internet, you don’t have to install a new firewall. You can just use the Windows Firewall With Advanced Security administration tool to create an advanced firewall rule that will block the application from connecting to the Internet.
Of course, if you’re configuring some sort of server, you may want to configure outbound firewall rules to lock the machine down. But that’s different from installing ZoneAlarm on a Windows desktop system.
Why You Shouldn’t Worry
Sure, you could install a third-party firewall on your Windows PC and get outbound firewall capabilities. You’d then be able to control which applications can connect to the Internet and “see which applications are phoning home,” as some geeks like to put it.
In this day and age, this is pretty silly. Almost every application on your computer is likely connecting to the Internet — if only to check for updates. You can assume that most programs on your computer are connecting to the Internet for some reason or another.
While outbound firewalls aren’t actively harmful, they do come with a few big negatives. First of all, firewall software you would install is heavier than the built-in Windows firewall. It will take up more system resources and often nag you to upgrade to a paid version. If it’s part of an Internet security suite, it will add other programs you don’t need to your system.
The firewall will also add complexity to your life. Rather than using your computer normally, you’ll have to make fairly frequent decisions about which applications can connect to the Internet. You’ll probably want to allow most — if not all — applications through. Even an application that shouldn’t need Internet access will probably want to check for updates. Average users — even average geeks — shouldn’t have to deal with a barrage of prompts that require them to figure out what a background process is actually doing.